CVE-2024-6592

Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Windows and MacOS allows Authentication Bypass.This issue affects the Authentication Gateway: through 12.10.2; Windows Single Sign-On Client: through 12.7; MacOS Single Sign-On Client: through 12.5.4.
References
Link Resource
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00014 Mitigation Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:watchguard:authentication_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:watchguard:single_sign-on_client:*:*:*:*:*:macos:*:*
cpe:2.3:a:watchguard:single_sign-on_client:*:*:*:*:*:windows:*:*

History

01 Oct 2024, 16:06

Type Values Removed Values Added
CPE cpe:2.3:a:watchguard:single_sign-on_client:*:*:*:*:*:macos:*:*
cpe:2.3:a:watchguard:single_sign-on_client:*:*:*:*:*:windows:*:*
cpe:2.3:a:watchguard:authentication_gateway:*:*:*:*:*:*:*:*
First Time Watchguard
Watchguard single Sign-on Client
Watchguard authentication Gateway
References () https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00014 - () https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00014 - Mitigation, Vendor Advisory

26 Sep 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) La vulnerabilidad de autorización incorrecta en la comunicación de protocolo entre WatchGuard Authentication Gateway (también conocido como Single Sign-On Agent) en Windows y WatchGuard Single Sign-On Client en Windows y MacOS permite la omisión de la autenticación. Este problema afecta a Authentication Gateway: hasta la versión 12.10.2; Windows Single Sign-On Client: hasta la versión 12.7; MacOS Single Sign-On Client: hasta la versión 12.5.4.

25 Sep 2024, 12:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-25 12:15

Updated : 2024-10-01 16:06


NVD link : CVE-2024-6592

Mitre link : CVE-2024-6592

CVE.ORG link : CVE-2024-6592


JSON object : View

Products Affected

watchguard

  • single_sign-on_client
  • authentication_gateway
CWE
CWE-863

Incorrect Authorization